A Superfish-like security flaw has been discovered on a number of Dell laptops: an SSL certificate that comes pre-installed on some of the company's machines.
The certificate is called eDellRoot. It was first spotted by Joe Nord, a programmer who pointed out that it is installed as a trusted root, so any SSL certificate issued under it is trusted by the machine, which is certainly a problem in this case.
Because the certificate and its signing key are stored locally, an attacker can recover the key and forge certificates, exposing the user to a range of SSL attacks. Affected laptops confirmed so far include the Inspiron 5000 and the XPS 15; some reports suggest it is also on the XPS 13 and may be present on a significant number of Dell's laptops.
The security flaw is reminiscent of the Lenovo Superfish scandal, which relied on a similar certificate. Superfish was adware that injected ads into websites and undermined a number of security protocols on the laptops it shipped with. Dell's case is a little different because there is no suggestion that the certificate is being used for advertising; the result, a computer left open to attack, is the same. To fix the issue, users have to manually remove the certificate's trust, which is a fairly complex process and something the average user probably cannot do.
Because the signing key is stored locally on each computer, it would not be difficult for attackers to obtain it and use it to certify malicious traffic. Several security researchers have already demonstrated the flaw.
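As an added example (not from the article or from Dell), the following PowerShell script checks a Windows machine for the eDellRoot certificate in the trusted root stores and reports whether its private key is present locally, which is the condition that makes the flaw exploitable. It assumes the certificate's subject contains the name eDellRoot, as the article reports.

```powershell
# Added example: find the eDellRoot root CA in the Windows trust stores and
# report whether the private key is present on this machine.
function Find-EDellRoot {
    [CmdletBinding()]
    param(
        # Subject fragment to match; "eDellRoot" is the name reported in the article.
        [string]$SubjectPattern = '*eDellRoot*'
    )
    # Stores a root CA could have been placed in (assumed locations to check).
    $stores = @('Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root', 'Cert:\LocalMachine\CA')
    foreach ($store in $stores) {
        Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
            Where-Object { $_.Subject -like $SubjectPattern } |
            ForEach-Object {
                [pscustomobject]@{
                    Store            = $store
                    Subject          = $_.Subject
                    Thumbprint       = $_.Thumbprint
                    NotAfter         = $_.NotAfter
                    IsRootSelfSigned = ($_.Subject -eq $_.Issuer)
                    # A trusted root whose private key lives on the client is the core problem:
                    # anyone who extracts it can sign certificates this machine will trust.
                    HasPrivateKey    = $_.HasPrivateKey
                }
            }
    }
}

$findings = Find-EDellRoot
if (-not $findings) {
    Write-Output 'No eDellRoot certificate found in the checked stores.'
} else {
    $findings | Format-Table -AutoSize
    # Remediation (run from an elevated prompt): deleting the entry removes the
    # machine's trust in anything signed with the leaked key. Uncomment to apply.
    # $findings | ForEach-Object { Remove-Item -Path ("{0}\{1}" -f $_.Store, $_.Thumbprint) }
}
```

The article notes that more than one eDellRoot thumbprint has been seen, so the script matches on the subject name rather than a fixed thumbprint and lists every hit.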
"It appears that there is definitely more than one eDellRoot thumbprint, as well as at least one other defunct private certificate on the system that we were able to crack the password on without substantial effort," said Darren Kemp, a researcher at DuoSecurity, in an interview with the Verge.
It is not yet known how many computers are affected; Dell says it is looking into the issue.
Via: The Verge